EVPN Configuration Instance - EVPN Distributed Gateway

Posted by MikeFairbrother on Fri, 24 Dec 2021 11:54:15 +0100

Today we will introduce the related content of EVPN. Using Huawei eNSP simulator as a tool, this paper designs and implements a typical EVPN application scenario for configuring distributed gateways, and completes the corresponding configuration.
Read this article, you need to know something about EVPN. If you are still confused about it, you are welcome to read other articles in my blog, and I am sure you will get some results!
Recommended reading articles:
VXLAN Details (1)
VXLAN Details (2)
VXLAN Details (3)
Detailed description of EVPN technology in VXLAN (1) - EVPN implementation of VXLAN tunnel control
Detailed description of EVPN technology in VXLAN (2) - EVPN and VXLAN distributed gateway
It is highly recommended that you read the following articles:
EVPN Configuration Instance (1) - EVPN Centralized Gateway

1. Experimental Topology and Requirements

The experimental topology, shown above, now requires the configuration of EVPN s to implement distributed gateways.

2. Experimental Configuration Commands

(1) BGP-related configuration

BGP configuration is similar to EVPN configuration of centralized gateway, but since EVPN only plays a role in EVPN configuration scenario of knowing the VXLAN tunnel, rather than passing Type 2 routes, in EVPN implementation of distributed gateway configuration, Type 2 routes must be manually published in BGP view. The relevant configuration commands are as follows:

bgp 100
 peer 2.2.2.2 as-number 100
 peer 2.2.2.2 connect-interface LoopBack0
 #
 ipv4-family unicast
  peer 2.2.2.2 enable
 #
 l2vpn-family evpn
  undo policy vpn-target
  peer 2.2.2.2 enable
  peer 2.2.2.2 advertise irb
#

(2) Configuration of Vbdif interface for distributed gateway

In the distributed gateway scenario, the Vbdif interface needs to be configured on each CE device to act as a gateway to downstream virtual machines. In the distributed gateway scenario, ARP-related settings must be turned on with the following configuration commands:

interface Vbdif10
 ip binding vpn-instance A
 ip address 192.168.10.254 255.255.255.0
 arp broadcast-detect enable
 arp collect host enable
#

(3) VPN instance configuration related commands

To achieve isolation between tenants and normal delivery of EVPN routes, we need to configure the VPN instance and the values of RD and RT as follows:

ip vpn-instance A
 ipv4-family
  route-distinguisher 100:2
  vpn-target 100:100 export-extcommunity evpn
  vpn-target 100:100 import-extcommunity evpn
 vxlan vni 100
#

(4) Configuration related to BD domain

The configuration of the BD domain is approximately the same as that under the EVPN centralized gateway with the following configuration codes:

bridge-domain 10
 vxlan vni 10
 evpn
  route-distinguisher 100:10
  vpn-target 100:100 export-extcommunity
  vpn-target 100:100 import-extcommunity
#

3. Experimental results

(1) Communication between PC and gateway

(2) Interoperability of PC1 with PC3 and PC4

4. Appendix - CE1 related codes

evpn-overlay enable
#
ip vpn-instance A
 ipv4-family
  route-distinguisher 100:2
  vpn-target 100:100 export-extcommunity evpn
  vpn-target 100:100 import-extcommunity evpn
 vxlan vni 100
#
bridge-domain 10
 vxlan vni 10
 evpn
  route-distinguisher 100:10
  vpn-target 100:100 export-extcommunity
  vpn-target 100:100 import-extcommunity
#
bridge-domain 20
 vxlan vni 20
 evpn
  route-distinguisher 100:20
  vpn-target 100:100 export-extcommunity
  vpn-target 100:100 import-extcommunity
#
interface Vbdif10
 ip binding vpn-instance A
 ip address 192.168.10.254 255.255.255.0
 arp broadcast-detect enable
 arp collect host enable
#
interface Vbdif20
 ip binding vpn-instance A
 ip address 192.168.20.254 255.255.255.0
 arp broadcast-detect enable
 arp collect host enable
#
interface GE1/0/0
 undo portswitch
 undo shutdown
 ip address 155.1.11.1 255.255.255.0
#
interface GE1/0/1
 undo shutdown
#
interface GE1/0/1.10 mode l2
 encapsulation dot1q vid 10
 bridge-domain 10
#
interface GE1/0/1.20 mode l2
 encapsulation dot1q vid 20
 bridge-domain 20
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255
#
interface Nve1
 source 1.1.1.1
 vni 10 head-end peer-list protocol bgp
 vni 20 head-end peer-list protocol bgp
#
bgp 100
 peer 2.2.2.2 as-number 100
 peer 2.2.2.2 connect-interface LoopBack0
 #
 ipv4-family unicast
  peer 2.2.2.2 enable
 #
 l2vpn-family evpn
  undo policy vpn-target
  peer 2.2.2.2 enable
  peer 2.2.2.2 advertise irb
#
ospf 1
 area 0.0.0.0
  network 1.1.1.1 0.0.0.0
  network 155.1.11.0 0.0.0.255

The original is not easy to reproduce, please explain the source: https://blog.csdn.net/weixin_40228200/article/details/119715929

Topics: computer networks vxlan

Programmer Think